IACR News
21 February 2023
Munawar Hasan, Donghoon Chang
ePrint Report
Baptiste Lambin, Gregor Leander, Patrick Neumann
ePrint Report
We then apply our findings to the notion of alignment, pointing out that the previous definition allows for primitives that are both aligned and unaligned simultaneously. As a second result, we present experimental data that shows that alignment might only have limited impact. For this, we compare aligned and unaligned versions of the cipher PRESENT.
Corentin Jeudy, Adeline Roux-Langlois, Olivier Sanders
ePrint Report
Charlotte Hoffmann, Pavel Hubáček, Chethan Kamath, Krzysztof Pietrzak
ePrint Report
Our approach is based on a cryptographic primitive called Proof of Exponentiation (PoE) which, for a group $\mathbb{G}$, certifies that a tuple $(x,y,T)\in\mathbb{G}^2\times\mathbb{N}$ satisfies $x^{2^T}=y$ (Pietrzak, ITCS 2019 and Wesolowski, J. Cryptol. 2020). In particular, we show how to adapt Pietrzak's PoE at a moderate additional cost to make it a cryptographically-sound certificate of non-primality.
Keegan Ryan, Nadia Heninger
ePrint Report
CryptoExperts, Paris, France
Job Posting
The community is divided on how to assess the security of cryptographic implementations. From the practitioners' perspective, implementations need to be confronted with concrete side-channel attacks directly on embedded devices. Conversely, theorists consider that such an empirical approach is not portable and does not yield concrete security levels (e.g., not all attacks can be tested). Therefore, they instead investigate security proofs based on abstract leakage models, although the latter are often too far removed from reality to yield practical security.
The combination of both worlds with a toolbox to generate and verify cryptographic implementations with practical security is the topic of an ERC starting project that is hosted by CryptoExperts. As a member of this project, the candidate will work on the design of new compilers to turn any high-level algorithm into an efficient implementation proven secure for identified concrete devices.
Starting date: around September 2023 (flexible)
Duration: 3 years
Closing date for applications:
Contact: Sonia Belaïd
More information: https://www.cryptoexperts.com/sbelaid/2023_offre-these-erc.pdf
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
We are seeking an outstanding, highly motivated and enthusiastic PhD student to conduct research related to quantum cyber security. Rapid development of quantum computers poses serious risks to data and communication security. Quantum and post-quantum cryptography technologies provide means to tackle these challenges. In this adventurous experimental PhD project, we will be working on a hybrid solution combining the two technologies.
The successful applicant will be experimentally developing quantum light sources in atomically thin graphene-like materials (Nobel Prize 2010) suitable for quantum communication applications. The PhD student will also be developing hybrid post-quantum secure cryptography protocols based on the experimental outcomes.
The project will involve nanofabrication, optical and electron transport measurements, scanning probe microscopy, instrumentation development and collaborations with academia and industry.
The student will be part of the School of Mathematics, Statistics and Physics with its world-class measurement facilities and cleanrooms, and the Secure and Resilient Systems Research Group part of the accredited centre of excellence in cyber security research, one of only 19 accredited centres of excellence in the UK.
Eligibility Criteria: You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in Physics or Materials Science. Solid knowledge of quantum physics and familiarity with Cryptography and Cyber Security are required.
Closing date for applications:
Contact:
Dr Aleksey Kozikov (aleksey.kozikov@newcastle.ac.uk)
Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
PhD studentship in Applied Cryptography: Post-Quantum Secure Confidentiality-Preserving Security Assurance
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
Interested in cryptographically assuring the security of computer systems in a post-quantum age?
Confidentiality-preserving security assurance establishes the capacity to certify and prove security properties of complex systems while keeping details of the system confidential. While the field has advanced in recent years with new digital signature schemes and solution proposals that bind security assurance to underlying hardware attestation, all existing solutions have in common that they can be broken by adversaries with access to a scalable quantum computer. Experts, however, predict that such computing capacity will become available within the next decade. Hence, it will be crucial to establish post-quantum secure confidentiality-preserving security assurance.
How can we establish new digital signature schemes that are post-quantum secure and that can realize confidentiality-preserving security assurance? What zero-knowledge proof of knowledge techniques will serve us in this environment? How can we prove the security of these schemes with respect to hard mathematical problems that remain secure in the face of quantum adversaries?
Applicants should have a strong background in computer science and experience with cryptography. High motivation for independent theoretical/computational work is essential.
Newcastle University Centre of Research Excellence in Cyber Security and Resilience is a cross-faculty environment with 135 members, recognized as a national Academic Centre of Excellence in Cyber Security Research (ACE-CSR). The topic Post-Quantum Secure Confidentiality-Preserving Security Assurance is hosted in the Secure and Resilient Systems Group.
Eligibility Criteria: You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in a subject relevant to the proposed PhD project (cyber security & resilience, advanced computer science, cryptography). A strong mathematical background is desirable.
Closing date for applications:
Contact:
Prof Thomas Gross (Thomas.gross@newcastle.ac.uk)
Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
More information: https://www.findaphd.com/phds/project/phd-studentship-in-applied-cryptography-post-quantum-secure-confidentiality-preserving-security-assurance/?p155500
Newcastle University, School of Computing, Newcastle Upon Tyne, United Kingdom
Job Posting
We are seeking a highly motivated PhD student to conduct research related to the design of novel provably secure lightweight (hardware-based) cryptographic solutions for authentication and authorization to secure zero-trust networks. The aim is to strengthen security in zero-trust networks by giving devices and users fine-grained control over their resources via designing efficient modular solutions.
You will be part of the Secure and Resilient Systems Research Group part of the accredited centre of excellence in cyber security research, one of only 19 accredited centres of excellence in the UK. You will be working with researchers from both the School of Computing and the School of Engineering.
The supervisory team has strong track records and expertise in cryptography, hardware security, cyber security, and electronic systems design.
You must have, or expect to gain, a minimum 2:1 Honours degree or international equivalent in Computer Science or related subject. Familiarity with and interest in cryptography and cyber security is required.
Closing date for applications:
Contact: Dr Essam Ghadafi (Essam.Ghadafi@newcastle.ac.uk)
KETS Quantum Security
Job Posting
Closing date for applications:
Contact: careers@kets-quantum.com
More information: https://ketsquantum.livevacancies.co.uk/#/job/details/29?target=frame
Taiga Hiroka, Fuyuki Kitagawa, Tomoyuki Morimae, Ryo Nishimaki, Tapas Pal, Takashi Yamakawa
ePrint Report
In this work, we define certified everlasting secure versions of FE, compute-and-compare obfuscation, predicate encryption (PE), secret-key encryption (SKE), public-key encryption (PKE), receiver non-committing encryption (RNCE), and garbled circuits. We also present the following constructions:
- Adaptively certified everlasting secure collusion-resistant public-key FE for all polynomial-size circuits from indistinguishability obfuscation and one-way functions.
- Adaptively certified everlasting secure bounded collusion-resistant public-key FE for $\mathsf{NC}^1$ circuits from standard PKE.
- Certified everlasting secure compute-and-compare obfuscation from standard fully homomorphic encryption and standard compute-and-compare obfuscation.
- Adaptively (resp., selectively) certified everlasting secure PE from standard adaptively (resp., selectively) secure attribute-based encryption and certified everlasting secure compute-and-compare obfuscation.
- Certified everlasting secure SKE and PKE from standard SKE and PKE, respectively.
- Certified everlasting secure RNCE from standard PKE.
- Certified everlasting secure garbled circuits from standard SKE.
Anubhab Baksi, Jakub Breier, Vishnu Asutosh Dasu, Xiaolu Hou, Hyunji Kim, Hwajeong Seo
ePrint Report
We show new distinguishers on the unkeyed and round-reduced versions of SPECK-32, SPECK-128, ASCON, SIMECK-32, SIMECK-64 and SKINNY-128. We explore multiple avenues in the process. In summary, we use neural networks as well as support vector machines in various settings (such as varying the activation function), apart from experimenting with a number of input difference tuples. Among other results, we show a distinguisher for 8-round SPECK-32 that works with practical data complexity (most of the experiments take a few hours on a personal computer).
Rupeng Yang
ePrint Report
In this work, we solve the problem by constructing an adaptively secure private puncturable PRF from standard lattice assumptions. To achieve this goal, we present a new primitive called explainable hash, which allows one to reprogram the hash function on a given input. The new primitive may find further applications in constructing more cryptographic schemes with adaptive security. Besides, our construction has collusion resistant pseudorandomness, which requires that even given multiple constrained keys, no one could learn the values of the PRF at the punctured points. Private puncturable PRFs with collusion resistant pseudorandomness were only known from multilinear maps or indistinguishability obfuscations in previous works, and we provide the first solution from standard lattice assumptions.
Varun Narayanan, Vinod M. Prabhakaran, Neha Sangwan, Shun Watanabe
ePrint Report
Martin R. Albrecht, Alex Davidson, Amit Deo, Daniel Gardham
ePrint Report
In this work, we construct a novel POPRF from lattice assumptions and the "Crypto Dark Matter" PRF candidate (TCC'18) in the random oracle model. At a conceptual level, our scheme exploits the alignment of this family of PRF candidates, relying on mixed modulus computations, and programmable bootstrapping in the "3rd gen" torus-fully homomorphic encryption scheme (TFHE). We show that our construction achieves malicious client security based on circuit-private FHE, and client privacy from the semantic security of the FHE scheme. We further explore a heuristic approach to extend our scheme to support verifiability based on the difficulty of computing cheating circuits in low depth. This would yield a verifiable (P)OPRF. We provide a proof-of-concept implementation and benchmarks of our construction using the "Concrete" TFHE software library. For the core online OPRF functionality, client operations take only a few milliseconds, while server evaluation takes less than 3 seconds.
Mostefa Kara, Abdelkader Laouid, Omer Al dabbas, Mohammad Hammoudeh, Ahcène Bounceur
ePrint Report
Orr Dunkelman, Shibam Ghosh, Eran Lambooij
ePrint Report
Fuyuki Kitagawa, Ryo Nishimaki
ePrint Report
We obtain the following results.
- We show that one-time strong anti-piracy secure secret key single-decryptor encryption (SDE) implies one-out-of-many indistinguishable-secure unclonable encryption.
- We construct a one-time strong anti-piracy secure secret key SDE scheme in the standard model from the LWE assumption.
- We construct one-out-of-many copy-protection for single-bit output point functions from one-out-of-many indistinguishable-secure unclonable encryption and the LWE assumption.
- We construct one-out-of-many unclonable predicate encryption (PE) from one-out-of-many indistinguishable-secure unclonable encryption and the LWE assumption.
Thus, we obtain one-out-of-many indistinguishable-secure unclonable encryption, one-out-of-many copy-protection for single-bit output point functions, and one-out-of-many unclonable PE in the standard model from the LWE assumption. In addition, our one-time SDE scheme is the first SDE scheme that does not rely on any oracle heuristics and strong assumptions such as indistinguishability obfuscation and witness encryption.
Benjamin Dowling, Britta Hale
ePrint Report
Yong Liu, Zejun Xiang, Siwei Chen, Shasha Zhang, Xiangyong Zeng
ePrint Report
In this paper, we propose a new technique that uses two-dimensional binary variables to model the input and output differences and characterize contradictions with constraints. In our model, the existence of IDs can be directly obtained by checking whether the model has a solution. In addition, our tool can also detect any contradictions between input and output differences by changing the position of the contradictions. Our method is confirmed by applying it to several block ciphers, and our results show that we can find 6-, 13-, and 12-round IDs for Midori-64, CRAFT, and SKINNY-64 within a few seconds, respectively. Moreover, by carefully analyzing the key schedule of Midori-64, we propose an equivalent key transform technique and construct a complete MILP model for an 11-round impossible differential attack (IDA) on Midori-64 to search for the minimum number of keys to be guessed. Based on our automatic technique, we present a new 11-round IDA on Midori-64, where 23 nibbles of keys need to be guessed, which reduces the time complexity compared to previous work. The time and data complexity of our attack are $2^{116.59}$ and $2^{60}$, respectively. To the best of our knowledge, this is the best IDA on Midori-64 at present.